I noticed that there wasn't a clear reference to the Juniper failures related to DUAL_EC_DRBG in the Encryption Compendium.
This is a deeply informative case study about a range of different policies related to encryption, most prominently the likely backdoored random number generator DUAL_EC_DRBG, its attempt at use in Juniper's ScreenOS, and how this appears to have created an avenue of attack for an unknown third party.
Here's a reasonable link to an overview of the situation:
https://medium.com/@cskemmerer/the-juniper-backdoor-a-summary-209482717cd4
I noticed that there wasn't a clear reference to the Juniper failures related to DUAL_EC_DRBG in the Encryption Compendium.
This is a deeply informative case study about a range of different policies related to encryption, most prominently the likely backdoored random number generator DUAL_EC_DRBG, its attempt at use in Juniper's ScreenOS, and how this appears to have created an avenue of attack for an unknown third party.
Here's a reasonable link to an overview of the situation:
https://medium.com/@cskemmerer/the-juniper-backdoor-a-summary-209482717cd4